[standards-jig] Small Footprint Clients and Authentication

Robert Norris rob at cataclysm.cx
Fri May 30 00:34:16 UTC 2003


> >> 11.5 Mandatory to Implement Technologies
> >
> >Key word is "implement". In order to be considered compliant, a server
> >myst implement DIGEST-MD5. If I'm an administrator, I don't have to 
> >make it available to clients.
> 
> OK, maybe I missed something. This part of the spec is only for servers?
> (still, to be required to implement something you'll never use?)

You make a good point - didn't think of clients when reading this.

Perhaps implementing DIGEST-MD5 should be a MUST requirement for
servers, and a SHOULD requirement for clients? Same for the TLS stuff.
That way, a client can not implement something if it doesn't work for
its particular circumstances?

I'll raise this on the XMPP working group list.

Rob.

-- 
Robert Norris                                       GPG: 1024D/FC18E6C2
Email+Jabber: rob at cataclysm.cx                Web: http://cataclysm.cx/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://mail.jabber.org/pipermail/standards/attachments/20030530/9dcf7353/attachment.sig>


More information about the Standards mailing list